Re: Newbie question: su root?


Subject: Re: Newbie question: su root?
From: ke Svensson (aakesve@algonet.se)
Date: Tue Jan 15 2002 - 21:55:33 MST


Thanks guys! For the overwhelming support! This list is great! Now I have
leads to work with for a week. I'll be back with a report!

Best Regards,

Ake Svensson, Sweden

> Från: Keary Suska <hierophant@pcisys.net>
> Svara till: yellowdog-general@lists.yellowdoglinux.com
> Datum: Tue, 15 Jan 2002 15:38:43 -0700
> Till: Yellow Dog Linux <yellowdog-general@lists.yellowdoglinux.com>
> Ämne: Re: Newbie question: su root?
>
> Since you can't su root at the console either, it is not an issue with
> telnetd. Since there aren't any means to restrict who can su on Linux that I
> know of, I would lean towards a PAM misconfiguration issue. I would make
> sure your PAM config files are correct (/etc/pam.d)--mostly that they all
> agree abut the use of shadowed passwords (if used) and encryption algorithm
> (such as if you are using MD5). You can ignore the files that relate to
> services (such as ftp or telnet). You may also want to check out
> /etc/pwdb.conf.
>
> While testing and checking things out, you should work at the system console
> from a shell, and *not* a windowing environment. That way you are
> eliminating as many other possible interfering factors as well.
>
> For the heck of it, does the root user have a valid shell defined?
>
> Keary Suska
> Esoteritech, Inc.
> "Leveraging Open Source for a better Internet"
>
>> From: Åke Svensson <aakesve@algonet.se>
>> Reply-To: yellowdog-general@lists.yellowdoglinux.com
>> Date: Tue, 15 Jan 2002 23:15:02 +0200
>> To: <yellowdog-general@lists.yellowdoglinux.com>
>> Subject: Re: Newbie question: su root?
>>
>>
>> Keary Suska wrote:
>>
>> "That's strange--the default functionality should not prevent this. I am
>> assuming that you can successfully log in as root at the console? Can you
>> log in as a normal user at the console and su root? What do your log files
>> say about what's going on?"
>>
>> Yes, I can log in as root and as a normal user at the console, but not do
>> 'su root' as a normal user ('incorrect password') at the console.
>>
>> Good tip about the logfiles! My '/var/log/messages' says: 'PAM-unix[1070]:
>> authentication failure; "my_normal_user_id"(uid=1001 -> root for su
>> service'.
>>
>> I understand that authentication doesn't succeed but I've tried to expand
>> the permissions of 'my_normal_user_id' in KDE's User Manager but it didn't
>> help.
>>
>> I've also read the man page for 'telnetd' but found no config options there.
>>
>> Best Regards,
>>
>> Ake Svensson
>>
>
>



This archive was generated by hypermail 2a24 : Tue Jan 15 2002 - 23:12:47 MST